Penetration Testing mailing list archives
Re: InfoSec certification EC/BackTrack?
From: Pete Herzog <lists () isecom org>
Date: Wed, 05 Mar 2008 22:00:01 +0100
Hi, Joseph McCray wrote:
No this is not a shameless plug from a guy that runs a security training company. I would say that you want to make sure that you have the background for the job more so than the certs. I'm not saying that you shouldn't get them - they do have quite a bit of merit especially considering that people often doing the hiring really aren't very technical so the certs will definitely get you an interview.
As often is the case, I find it difficult to disagree with Joe. But I think there is a small problem with work experience-- it's only good if the experience is NOT created by layers of bad information and security myths.
Many of the salty dogs of the security world today come from varied IT backgrounds because there were no security courses or certifications to stumble out of whenceforth one "sees the light". But unfortunately those who gained experience after the introduction of knowledge-based certifications were peppered with "best practices" which grew into myths as they were extrapolated into areas of IT security that they made no sense to be in or became outdated as technology advanced.
Certification, the skills kind based on solid security research and not general practices or a monster manual of tools and scripts (and yes I work for ISECOM so I'm differentiating here), can actually prove the practitioner has learned to tell security fact from fiction, a key element for any security employee.
And by the good kind, I'm referring to the OPST and OPSA... just in case some of you didn't catch that.
Sincerely, -pete. www.isecom.org ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- InfoSec certification EC/BackTrack? 11ack3r (Mar 04)
- Re: InfoSec certification EC/BackTrack? Danux (Mar 04)
- Re: InfoSec certification EC/BackTrack? Peter Manis (Mar 04)
- Re: InfoSec certification EC/BackTrack? Terry Cutler (Mar 05)
- Re: InfoSec certification EC/BackTrack? Nibin (Mar 05)
- Re: InfoSec certification EC/BackTrack? Joseph McCray (Mar 05)
- Re: InfoSec certification EC/BackTrack? Pete Herzog (Mar 06)